
The Whydah modules are separate services and each module has clearly defined responsibility. Whydah consists of the following modules:

Applications

Services

  • SecurityTokenService - STS
    • The scalable secure session control

  • UserAdminService - UAS
    • Borderline guard for UIB

      1. Ensure validated access to UIB before forwarding request to UIB
        1. Validate application. The main focus is that no request is forwarded to UIB unless it originates from a validated application.
        2. Validate user. When requests to UIB require admin access, only requests with a validated user are forwarded to UIB.
      2. A DDoS attack will be stopped at UAS, and might bring UAS to a halt. UIB will remain intact.

      Fine-grained access-control of administration APIs.

      1. to be able to lock down UIB (borderline security)
        1. BLI: obfuscate URL in SsoLoginService, not in UAS
        2. BLI: payload validation, stop things that are far too large, e.g. avoid SQL injection
      2. to be able to keep responsibility and functionality in UIB focused... and let UAS facilitate multi-step processes towards UIB
      3. audit - especially of multi-step processes
  • UserIdentityBackend - UIB
    • The vault of users and applications

  • Optional: StatisticsService
  • Optional: CRMService
    • A Whydah CRM API with simple standalone persistent customer implementation

      • because user != customer

      Main purpose

      • CRUD API on Customer(s) including the Customer Auth Activities
      • Search-API for CustomerSearches
      • simple standalone implementation to get you going

Test and SDKs


See also Architecture Overview
